Research from Spirent with ESG Reveals Shifting Priorities in Response to Increased Cybersecurity Complexity
September 19 2018 - 7:00AM
Business Wire
CISO Responsibilities Expand from Protecting
Apps and End-to-End Business Processes to Include Balancing
Security and Operational Excellence
Spirent Communications plc (LSE: SPT) today announced the
availability of a research report conducted by Enterprise Strategy
Group (ESG) that reveals a number of crucial shifts in
cybersecurity priorities among enterprises. The increased
complexity of the IT environment, combined with increasingly
sophisticated attacks and a rapidly evolving threat landscape, is
causing organizations to invest more money in cybersecurity and
start to focus on the impact of cyber threats and cybersecurity
from a business perspective.
One of the report’s key findings is that in many organizations
(96 percent), the traditional role of the Chief Information
Security Officer (CISO) has expanded. As security concerns are
integrated into the planning for new digital initiatives, CISOs are
more often included as active participants in enterprise business
discussions. By including CISOs from the beginning, enterprises can
proactively balance security and performance with operational
functions such as ease of access, reliability, and a positive user
experience.
The primary driver cited for the elevation of the CISO is the
increasing difficulty of protecting enterprise data. Nearly 80
percent of the 413 enterprise security professionals surveyed cited
the expanded volume and sophistication of malware as the main
reason it is becoming is harder to protect vital information.
According to the report, multiple security researchers indicate
that 80–90 percent of malware attacks target a single device and
50–60 percent of malicious web domains are active for one hour or
less. These trends speak to the rise of targeted attacks designed
to penetrate the network of a single organization. Targeted attacks
act as small needles in a large haystack, making cybersecurity
practices increasingly difficult.
The second most frequently cited reason for the increase in
cybersecurity difficulty is the increase in the number of company
IT initiatives. Digital business projects, cloud and third-party
infrastructure, and the Internet-of-Things (IoT) make security
substantially more challenging. The report states, “Security teams
find it difficult to learn the nuances of these technology
initiatives, understand the associated risks, and implement the
right security safeguards to protect their organizations.”
Inserting security executives directly into the business
conversation enables them to promote advances in digital business
while balancing associated risk.
CISOs who are given responsibility for both business and
security can address security from the very beginning of a project.
A total of 86 percent of respondents agreed that applying
cybersecurity to initial project planning and development can help
decrease the likelihood of a security breach. Testing for both
security and performance should be ongoing, from the early stages
of the project through live operation. According to the report, “To
ensure strong security, many InfoSec pros believe this testing
should be done on a continuous rather than periodic basis.” In
addition, 79 percent of those surveyed agreed that organizations
should test the effectiveness of security controls more
frequently.
“Security must be a proactive measure within the enterprise,”
said John Weinschenk, general manager, Enterprise Network and
Application security at Spirent Communications. “To meet the
demands of business and the realities of threats and risk, security
professionals must be actively involved with the business and
integrate security considerations from the very beginning of a
project.”
“Moving security leadership into business planning is rapidly
becoming both a necessity and a reality,” said Jon Oltsik, senior
principal analyst, ESG Research. “Enterprises must balance business
considerations with security consciousness to be enablers of growth
while keeping risk in check.”
Another encouraging fact from the research is that 92 percent of
the organizations surveyed were planning to increase their
cybersecurity budgets through 2018. The areas in which
organizations were most likely to increase spending included
network security, cloud security, and application security. Some of
the planned increase stemmed from unifying business and security
functions and the desire to treat security as an integral part of
the development process, increasing the need for earlier and more
frequent security testing.
In addition, the new data shows that too many organizations have
an inadequate level of security staff and are particularly lacking
staff with combined experience in networking and security. CISOs
can help bridge these skill gaps.
The ESG Research Insights report, Cybersecurity Realities and
Priorities for 2018 and Beyond, is based on a survey of 413 IT and
cybersecurity professionals in the United States, the UK, and
Australia who work at enterprises with more than 1,000 employees.
The enterprises span a range of industries and governments, with a
concentration in financial services, manufacturing,
retail/wholesale, healthcare, and information technology (IT). The
report is free and can be downloaded from Spirent’s web site. An
on-demand webinar on the study, featuring ESG’s Jon Oltsik, is also
available from Spirent.
About Spirent
Spirent Communications plc (LSE: SPT) offers test, measurement,
analytics and assurance solutions for next-generation devices and
networks. The company provides products, services and information
for high-speed Ethernet, positioning and mobile network
infrastructure markets, with expanding focus on service assurance,
cybersecurity and 5G. Spirent is accelerating the transition of
connected devices, network equipment and applications from
development labs to the operational network, as it continues to
innovate toward fully-automated testing and autonomous service
assurance solutions. For more information, please visit
www.spirent.com and follow us on LinkedIn, Twitter and
Facebook.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20180919005120/en/
Americas:Corman Communications, LLCPatrick Corman,
+1-650-326-9648mobile: +1-650-465-5973patrick@cormancom.comorAsia
Pacific:Spirent CommunicationsJanet Peng, +86 (10) 82330055
x160janet.peng@spirent.comorEurope:Spirent CommunicationsMark
Price, +44 7725 724834mark.price@spirent.com
Spirent Communications (LSE:SPT)
Historical Stock Chart
From Apr 2024 to May 2024
Spirent Communications (LSE:SPT)
Historical Stock Chart
From May 2023 to May 2024